This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oceSKvrllnCrvk92FHFsVzeBTss.roa File: oceSKvrllnCrvk92FHFsVzeBTss.roa (raw, json) Hash identifier: 0SeEZnu0jB4ZHw+xz6JgC2VzIbt4JJzhFOwC9wUxTvI= Subject key identifier: A1:C7:92:2A:FA:E5:96:70:AB:BE:4F:76:14:71:6C:57:37:81:4E:CB Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Certificate serial: 019B77C68CA9BE2DC090EED30F76BC1CFF58 Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oceSKvrllnCrvk92FHFsVzeBTss.roa Signing time: Thu 01 Jan 2026 04:17:39 +0000 ROA not before: Thu 01 Jan 2026 04:17:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197483 IP address blocks: 89.40.80.0/24 maxlen: 24 2a00:8a84:c010::/44 maxlen: 44 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:8c:a9:be:2d:c0:90:ee:d3:0f:76:bc:1c:ff:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e Validity Not Before: Jan 1 04:17:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a1c7922afae59670abbe4f7614716c5737814ecb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:31:61:4f:88:0b:aa:49:aa:93:6e:a3:ac:33: 47:84:66:e6:44:79:5a:2b:b3:f4:f3:e5:f7:9f:23: 81:e1:68:ac:6a:9c:c5:91:60:21:1f:9e:20:c5:a1: fb:bb:90:b6:0b:3e:19:1a:0e:56:22:6d:f6:3f:cf: 7e:23:51:d3:a4:40:96:87:18:41:1e:da:8a:a1:8b: 77:d2:52:2d:02:53:7b:bf:80:b0:a6:b5:8d:7e:68: ff:ad:e6:d5:c3:81:7f:86:a6:f5:06:49:7c:c6:60: 12:9e:77:61:10:2a:85:63:2c:3d:5a:c0:ea:f2:bf: b1:97:52:5e:75:f9:46:58:67:14:70:90:ff:82:94: b8:02:09:bd:44:7f:47:87:f0:ce:f6:21:a7:06:e1: db:35:ca:fd:24:91:23:8b:bd:26:70:2f:c1:6b:7a: df:e6:84:af:08:4f:e0:f0:ad:34:68:df:9f:1a:b9: 45:1a:2f:a9:c5:3f:06:13:17:dd:57:91:01:d7:78: 5a:ef:f8:cc:6d:e8:b7:05:1d:66:9a:ab:e4:8c:c1: e9:14:8a:f8:b5:47:a2:9b:ff:f4:04:bc:42:55:7e: e7:12:8f:79:20:02:6c:92:58:bf:18:e5:74:43:89: c2:eb:12:dd:49:02:4a:f5:e7:8f:8c:5a:ab:c4:65: 3a:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:C7:92:2A:FA:E5:96:70:AB:BE:4F:76:14:71:6C:57:37:81:4E:CB X509v3 Authority Key Identifier: keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/oceSKvrllnCrvk92FHFsVzeBTss.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.40.80.0/24 IPv6: 2a00:8a84:c010::/44 Signature Algorithm: sha256WithRSAEncryption c3:24:80:f4:7f:9e:ca:f3:7d:48:fb:f6:84:3d:f5:74:36:39: de:a9:02:db:eb:96:9f:ed:d6:02:46:43:55:a6:c4:6c:f7:9a: 74:05:95:91:8d:16:cd:db:3a:7f:4b:a3:9f:c2:39:36:83:c3: 0c:cf:d9:fb:64:ad:8d:78:68:33:18:6c:1d:3b:e8:b8:bd:51: 8a:9c:44:8a:1b:6a:18:c0:89:83:4e:95:1a:90:17:33:41:87: f1:7c:d8:85:1e:51:4b:2c:8b:d1:94:ca:18:44:cd:fd:15:3f: 3f:73:35:43:ca:69:77:53:e1:86:eb:bc:15:8b:34:90:57:84: 0d:bc:5a:d5:ef:1d:53:43:20:4f:74:9a:94:95:9f:20:63:29: 28:26:ab:a1:e5:e2:74:0f:86:74:e9:18:21:9f:ca:2a:67:15: c1:8b:5c:81:8d:21:03:a9:fe:44:fb:41:3d:d4:15:5f:ed:fc: b7:56:3e:64:f4:7e:57:e1:13:c6:f8:52:a8:05:81:b7:b2:d1: 33:39:83:a5:5f:4e:a1:96:8d:d1:6c:79:99:ef:35:48:ac:7b: f8:bf:c5:61:63:49:ae:16:31:77:40:22:78:a7:cc:c3:6f:11: fd:56:2d:e7:86:45:bc:03:c5:20:bc:37:a8:dc:02:6d:08:31: 2e:da:36:9d -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt3xoypvi3AkO7TD3a8HP9YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy MGI3M2UwHhcNMjYwMTAxMDQxNzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMWM3OTIyYWZhZTU5NjcwYWJiZTRmNzYxNDcxNmM1NzM3ODE0ZWNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTFhT4gLqkmqk26jrDNHhGbmRHla K7P08+X3nyOB4WisapzFkWAhH54gxaH7u5C2Cz4ZGg5WIm32P89+I1HTpECWhxhB HtqKoYt30lItAlN7v4CwprWNfmj/rebVw4F/hqb1Bkl8xmASnndhECqFYyw9WsDq 8r+xl1JedflGWGcUcJD/gpS4Agm9RH9Hh/DO9iGnBuHbNcr9JJEji70mcC/Ba3rf 5oSvCE/g8K00aN+fGrlFGi+pxT8GExfdV5EB13ha7/jMbei3BR1mmqvkjMHpFIr4 tUeim//0BLxCVX7nEo95IAJskli/GOV0Q4nC6xLdSQJK9eePjFqrxGU6HQIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKHHkir65ZZwq75PdhRxbFc3gU7LMB8GA1UdIwQY MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt Y2YwNmQxOTgzYmExLzEvb2NlU0t2cmxsbkNydms5MkZIRnNWemVCVHNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWShQMA8E AgACMAkDBwQqAIqEwBAwDQYJKoZIhvcNAQELBQADggEBAMMkgPR/nsrzfUj79oQ9 9XQ2Od6pAtvrlp/t1gJGQ1WmxGz3mnQFlZGNFs3bOn9Lo5/COTaDwwzP2ftkrY14 aDMYbB076Li9UYqcRIobahjAiYNOlRqQFzNBh/F82IUeUUssi9GUyhhEzf0VPz9z NUPKaXdT4YbrvBWLNJBXhA28WtXvHVNDIE90mpSVnyBjKSgmq6Hl4nQPhnTpGCGf yipnFcGLXIGNIQOp/kT7QT3UFV/t/LdWPmT0flfhE8b4UqgFgbey0TM5g6VfTqGW jdFseZnvNUise/i/xWFjSa4WMXdAIninzMNvEf1WLeeGRbwDxSC8N6jcAm0IMS7a Np0= -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:58 2026 by rpki-client